Java Agent 2.21.6

Notes

Note: This is a bugfix release for the legacy Java SE5 version of the agent. Unless you are a Java SE5 user, use the latest version of the agent.

The 3.x agent works with Java SE 6 and 7. If you are using Java SE 5, this is the release for you.

Fix: XML entity expansion with non-SSL connection to New Relic

Fixed an XML entity expansion vulnerability that only occurs when the
agent is configured with ssl: false; the default is true. The agent already
has other protection against unauthorized entity expansion. This fix is an
additional layer of protection.

Was this page helpful? *

Yes

No

Great! Help us improve our content by telling us what worked well and what we could do better.

Sorry to hear that. How can we improve this content?

Comments

Note: This feedback form exists solely to improve the quality of our documentation. If you need help with New Relic products or want responses to your questions, please see our support site.